Requirements

General qualifications: • 3+ years of operational experience in Information Technology & Information Security. • Good written and verbal communication skills in English • University Degree in Computer Science, Computer Engineering or other relevant field. • Certifications such as CEH, Security+, ISO 27K, SANS would be considered as an asset. • Good interpersonal communication and presentation skills. • Ability to be a team player. • Ability to work effectively in multiple cultures and at a range of levels. • Ability to constantly build up skillset using a mix of self-motivated and course based learning environment. • Ability to work independently, proactively to see the big picture and work through solutions as needed. • Good knowledge of Windows, Linux, data bases (MySQL, no-SQL), antimalware,IDS and other security technologies. • Basic understanding of virtualization and software-defined data center concepts. • Knowledge of OSI reference model and networking fundamentals (switching,routing, load-balancing, firewalling). • Understanding of commonly used Internet protocols such as SMTP, HTTP, and DNS. • Basic understanding of cryptographic functionality within such protocols would be of advantage. • Familiar with Security Regulations and Standards. Technical qualifications: • Experience with API testing and Mobile Application testing • Hands-on experience with two or more scripting languages such as Python,Powershell, Bash, or Ruby • Familiarity with penetration testing tools and tool suites such as Burp Suite, OWASP ZAP, Kali Linux, etc • Proficiency or experience in any one of the following tools would be anadded advantage including Zed Attack Proxy, Micro Focus, Kiuwan, QARK,Android Debug Bridge, CodifiedSecurity, Drozer, WhiteHat Security • Ability to demonstrate clear understanding of following vulnerabilities including SQL Injections, Cross Site Scripting (XSS), Broken Authentication & Session Management, Insecure Direct Object References, Security Misconfiguration, Cross-Site Request Forgery (CSRF), Participate in code audit/review • An aptitude for technical writing, including assessment reports and presentations • Strong understanding of penetration testing frameworks • Advanced knowledge of mobile application testing techniques, software protocols and the ability to bypass common mobile application security controls • Understanding of offensive security, including offensive evasion techniques • General knowledge of web applications, databases, mobile, and cloud applications • Strong knowledge of Open Web Application Security Project (OWASP) (WEB and Mobile) • Ability to think outside the box and emulate adversarial approaches